[pptp-server] complex VPN problem (fwd)
Chris Ellingsen
chris.ellingsen at sympatico.ca
Mon Mar 6 22:42:50 CST 2000
Hi,
Seems to me like your linux box is not forwarding packets between the local
subnet and the remote machine. You should check out the route tables to make
sure that all the correct routes are added. For example, you would need to
enable the 'use default gateway on remote' (or whatever the exact words are) in
your network settings on the Windows PC. You also do not really need a third
address on the Linux box, it should use the .1 address for the local end, so the
proxy arp will actually take care of things. Also, ensure that packet
forwarding is enabled on the Linux box, and none of the firewall rules you may
have in place are blocking the packets... Since those are both 'inside'
interfaces, anything should be allowed to pass through from the remote to the
local net.
Hope this helps...
Chris
----- Original Message -----
From: "Scott M. Stone" <sstone at taos.com>
To: "PPTP Mailing List" <pptp-server at lists.schulte.org>
Sent: Monday, March 06, 2000 4:43 PM
Subject: [pptp-server] complex VPN problem (fwd)
>
> I'm hoping that someone on this list can answer this one, cuz it's weird.
> It's similar to one of the problems in the FAQ, but in my case, the pptp
> server machine and the firewall machine are the SAME BOX... which makes it
> a bit different... any help greatly appreciated.
>
> --------------------------
> Scott M. Stone, CCNA <sstone at taos.com>
> UNIX Systems and Network Engineer
> Taos - The SysAdmin Company
>
> ---------- Forwarded message ----------
> Date: Mon, 6 Mar 2000 08:05:31 -0800 (PST)
> From: Scott M. Stone <sstone at taos.com>
> To: Taos Network List <network at vtc.teamtaos.com>
> Subject: complex VPN problem
>
>
> OK, this is a bit odd.. I have a Linux box with 2 ethernet cards. One
> card goes directly to my DSL line, with a static IP. the other card goes
> to an 8-port hub which has two other PCs attached to it.
>
> Ok, so the IP masquerading/routing/firewalling/port forwarding seems to
> work, all the machines can browse, etc, etc. I have ipsec on the router
> box as well, to connect to my client site for doing email at home through
> their notes server, that works great as well.
>
> HOWEVER, I tried to set up a pptp connection last night to a friend of
> mine who's using Windows 98. I installed and configured the linux pptpd
> program, and installed PPP. The pptp connection is established, pppd
> starts and assigns IP addresses (I assigned my friend's remote machine an
> IP on my private subnet, 192.168.81.0/24, and I'm using proxyarp with
> pppd). Now, pppd is working fine, or so I think. From my ROUTER machine
> (which is 192.168.81.1 (eth1), 63.248.27.129 (eth0), and now
> 192.168.81.100 (ppp0)), I can see the remote pc (on 192.168.81.101). The
> remote PC can ping ALL of the interfaces on the router, including
> 192.168.81.1. HOWEVER, the problem is that the remote PC cannot access
> 192.168.81.2, which is one of my internal PCs on my 8-port hub. Nor can
> 192.168.81.2 access the remote PC. However, .2 can access the 'net
> through that same gateway, and can access the LAN pointed to by ipsec0
> without any problems.
>
> What am I doing wrong here? Should I be assigning ppp0 the same IP
> address as eth1 (192.168.81.1?) I also tried assigning a different subnet
> for the ppp interface and then setting up routing -- same results, no
> connectivity.
>
> Any help is greatly appreciated... thanks.
>
> --------------------------
> Scott M. Stone, CCNA <sstone at taos.com>
> UNIX Systems and Network Engineer
> Taos - The SysAdmin Company
>
>
>
> _______________________________________________
> pptp-server maillist - pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> List services provided by www.schulte.org!
>
More information about the pptp-server
mailing list